Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Network Security Viruses & Malware Hackers Security Solutions More Topics...
Mobile Tech
24/7/365 Network Uptime
Average Rating:
Rate this article:  
Samsung Patches Remote Wipe Vulnerability
Samsung Patches Remote Wipe Vulnerability

By Jennifer LeClaire
September 26, 2012 10:17AM

Bookmark and Share
The Samsung remote wipe vulnerability goes beyond corporate concerns for ex-employees. Should all Android users be worried? What about iPhone users? Windows Phone users? Analyst Brad Shimmin said security experts from both the white-hat and black-hat camps are no doubt testing other platforms.
 


Putting an end to potential panic, Samsung is delivering a patch to fix a remote wipe vulnerability over the air. But that's not the only trouble story about the Android operating system coming out of the security world this week.

Samsung Galaxy S III owners are ripe for attack in the face of a vulnerability that could allow a remote attacker to wipe all of their personal data from the mobile device. According to Ravi Borgaonkar, a researcher from the Security in Communications Department at Technical University Berlin, Samsung smartphones with the TouchWiz interface appear to be the only Android phone the flaw affects.

"This is a scary vulnerability because we are already troubled by the thought that the companies we work for can just reach out and destroy our data," Brad Shimmin, an analyst at Current Analysis, told us. "From a corporate perspective one of the biggest concerns you have is data leakage. So it's imperative that the company be able to take remote control of that information."

More Android Flaws

But this vulnerability goes beyond corporate concerns for ex-employees. Should all Android users be worried? What about iPhone users? Windows Phone users? Although the vulnerability is seemingly only on Samsung devices, Shimmin said security experts from both the white-hat and black-hat camps are no doubt testing other platforms. If the vulnerability is on other platforms, Shimmin is confident there will be a report and a fix within the next week.

Meanwhile, subway riders in the New Jersey and San Francisco transit systems can use near-field communication (NFC) Android smartphones to endlessly replenish their fare cards for free, according to Sophos security analyst Lisa Vaas. The app is called UltraReset and researchers at Intrepidus Group developed it.

"Don't bother searching on Google Play for it, though -- the researchers aren't in the business of enabling people to rip off transit systems," Vaas said. "Instead, they've put out a tweaked version, called UltraCardTester, to allow people to test their local transit system's security. You can't rewrite your subway card balance, but you can let the transit people know that their system might be insecure."

Does Your Phone Have Malware?

With stories like these continuing to arise, does that mean the Android platform is less secure than others? This has been hotly debated for years now. But one thing is certain: if you own a device that's running the Android operating system, chances are good that your device is vulnerable to attack, according to Duo Security. Duo's data, collected by its mobile "vulnerability assessment" app, shows that more than half of Android devices have unpatched vulnerabilities.

"Since we launched X-Ray, we've already collected results from over 20,000 Android devices worldwide. Based on these initial results, we estimate that over half of Android devices worldwide have unpatched vulnerabilities that could be exploited by a malicious app or adversary," Duo's Jon Oberheide wrote in a blog post.

"Yes, it's a scary number, but it exemplifies how important expedient patching is to mobile security and how poorly the industry (carriers, device manufacturers, etc) has performed thus far. We feel this is actually a fairly conservative estimate based on our preliminary results, the current set of vulnerabilities detected by X-Ray, and the current distribution of Android versions globally."
 

Tell Us What You Think
Comment:

Name:

Meaghen:

Posted: 2012-09-26 @ 11:47am PT
Great article. With all of the recent high-profile security breaches, it is important for everyone to be extra careful with their information. This is definitely an issue that needs to be addressed. At Mosaic Technology, we are huge proponents of being preventative in data security.

Meaghen



Neustar, Inc. (NYSE: NSR) is a trusted, neutral provider of real-time information and analysis to the Internet, telecommunications, information services, financial services, retail, media and advertising sectors. Neustar applies its advanced, secure technologies in location, identification, and evaluation to help its customers promote and protect their businesses. More information is available at www.neustar.biz.


 Mobile Tech
1.   Amazon 3D Smartphone Pics Leaked
2.   Zebra Buys Motorola Enterprise Biz
3.   CTIA Caves, Offers Kill Switch Plan
4.   Report: Amazon Phone To Feature 3D
5.   Review: Galaxy S5 Features Useful


advertisement
BlackBerry Drops T-Mobile After Spat
Moving on to other carriers after snub.
Average Rating:
Android Wear on Tap for Wearables
OK Google, what's really new here?
Average Rating:
Will Nadella Launch an Office for iPad?
New Microsoft CEO may act this month.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
IBM Offers Security, Disaster Recovery as SoftLayer Service
New disaster recovery and security services for SoftLayer clients are being added by IBM. Big Blue said the new capabilities will speed cloud adoption by alleviating concern over business continuity.
 
How To Beat the Heartbleed Bug
Heartbleed headlines continue as IT admins scramble for answers no one has. Early reports of stolen personal data, including 900 social insurance numbers in Canada, are starting to trickle in.
 
After Heartbleed, OpenSSL Calls for More Support
The president of the OpenSSL Foundation says more support is needed from companies and governments that use its software so that it can better spot and fix flawed pieces of code such as Heartbleed.
 

Enterprise Hardware Spotlight
Vaio Fit 11A Battery Danger Forces Recall by Sony
Using a Sony Vaio Fit 11A laptop? It's time to send it back to Sony. In fact, Sony is encouraging people to stop using the laptop after several reports of its Panasonic battery overheating.
 
Continued Drop in Global PC Shipments Slows
Worldwide shipments of PCs fell during the first three months of the year, but the global slump in PC demand may be easing, with a considerable slowdown from last year's drops.
 
Google Glass Finds a Home in Medical Education, Practice
Google Glass may find its first markets in verticals in which hands-free access to data is a boon. Medicine is among the most prominent of those, as seen in a number of Glass experiments under way.
 

Mobile Technology Spotlight
Amazon 3D Smartphone Pics Leaked
E-commerce giant Amazon is reportedly set to launch a smartphone after years of development. Photos of the phone, which may feature a unique 3D interface, were leaked by tech pub BGR.
 
Zebra Tech Buys Motorola Enterprise for $3.45B
Weeks after Lenovo bought Motorola Mobility’s assets from Google for $2.91 million, Zebra Technologies is throwing down $3.45 billion for Motorola’s Enterprise business in an all-cash deal.
 
CTIA Caves, Volunteers Kill Switch Plan
After bucking against the concept of a smartphone kill switch, the CTIA just announced the “Smartphone Anti-Theft Voluntary Commitment” to thwart smartphone thefts in the U.S.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Hackers | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.